Export limit exceeded: 364799 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 364799 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (364799 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2022-21157 1 Intel 1 Smart Campus 2025-05-05 5.5 Medium
Improper access control in the Intel(R) Smart Campus Android application before version 6.1 may allow authenticated user to potentially enable information disclosure via local access.
CVE-2022-21156 1 Intel 1 Trace Analyzer And Collector 2025-05-05 5.5 Medium
Access of uninitialized pointer in the Intel(R) Trace Analyzer and Collector before version 2021.5 may allow an authenticated user to potentially enable denial of service via local access.
CVE-2022-21153 1 Intel 1 Capital Global Summit 2025-05-05 5.5 Medium
Improper access control in the Intel(R) Capital Global Summit Android application may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2022-21152 1 Intel 1 Edge Insights For Industrial 2025-05-05 5.5 Medium
Improper access control in the Intel(R) Edge Insights for Industrial software before version 2.6.1 may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2022-21151 3 Debian, Intel, Netapp 796 Debian Linux, Celeron J1750, Celeron J1750 Firmware and 793 more 2025-05-05 5.5 Medium
Processor optimization removal or modification of security-critical code for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2022-21148 1 Intel 1 Edge Insights For Industrial 2025-05-05 7.8 High
Improper access control in the Intel(R) Edge Insights for Industrial software before version 2.6.1 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2022-21140 1 Intel 36 Dual Band Wireless-ac 3165, Dual Band Wireless-ac 3165 Firmware, Dual Band Wireless-ac 3168 and 33 more 2025-05-05 5.5 Medium
Improper access control for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi products may allow a privileged user to potentially enable information disclosure via local access.
CVE-2022-21139 1 Intel 18 Proset Wi-fi 6e Ax210, Proset Wi-fi 6e Ax210 Firmware, Wi-fi 6 Ax200 and 15 more 2025-05-05 8.8 High
Inadequate encryption strength for some Intel(R) PROSet/Wireless WiFi products may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.
CVE-2022-21136 1 Intel 292 Core I9-7900x, Core I9-7900x Firmware, Core I9-7920x and 289 more 2025-05-05 5.5 Medium
Improper input validation for some Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable denial of service via local access.
CVE-2022-21133 1 Intel 1 Trace Analyzer And Collector 2025-05-05 5.5 Medium
Out-of-bounds read in the Intel(R) Trace Analyzer and Collector before version 2021.5 may allow an authenticated user to potentially enable denial of service via local access.
CVE-2022-21131 1 Intel 292 Core I9-7900x, Core I9-7900x Firmware, Core I9-7920x and 289 more 2025-05-05 5.5 Medium
Improper access control for some Intel(R) Xeon(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2022-21128 1 Intel 1 Advisor 2025-05-05 7.8 High
Insufficient control flow management in the Intel(R) Advisor software before version 7.6.0.37 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2022-21127 3 Debian, Intel, Xen 5 Debian Linux, Sgx Dcap, Sgx Psw and 2 more 2025-05-05 5.5 Medium
Incomplete cleanup in specific special register read operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2022-21125 6 Debian, Fedoraproject, Intel and 3 more 14 Debian Linux, Fedora, Sgx Dcap and 11 more 2025-05-05 5.5 Medium
Incomplete cleanup of microarchitectural fill buffers on some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2022-21123 6 Debian, Fedoraproject, Intel and 3 more 14 Debian Linux, Fedora, Sgx Dcap and 11 more 2025-05-05 5.5 Medium
Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2022-1473 3 Netapp, Openssl, Redhat 44 A250, A250 Firmware, A700s and 41 more 2025-05-05 7.5 High
The OPENSSL_LH_flush() function, which empties a hash table, contains a bug that breaks reuse of the memory occuppied by the removed hash table entries. This function is used when decoding certificates or keys. If a long lived process periodically decodes certificates or keys its memory usage will expand without bounds and the process might be terminated by the operating system causing a denial of service. Also traversing the empty hash table entries will take increasingly more time. Typically such long lived processes might be TLS clients or TLS servers configured to accept client certificate authentication. The function was added in the OpenSSL 3.0 version thus older releases are not affected by the issue. Fixed in OpenSSL 3.0.3 (Affected 3.0.0,3.0.1,3.0.2).
CVE-2022-1343 3 Netapp, Openssl, Redhat 44 A250, A250 Firmware, A700s and 41 more 2025-05-05 5.3 Medium
The function `OCSP_basic_verify` verifies the signer certificate on an OCSP response. In the case where the (non-default) flag OCSP_NOCHECKS is used then the response will be positive (meaning a successful verification) even in the case where the response signing certificate fails to verify. It is anticipated that most users of `OCSP_basic_verify` will not use the OCSP_NOCHECKS flag. In this case the `OCSP_basic_verify` function will return a negative value (indicating a fatal error) in the case of a certificate verification failure. The normal expected return value in this case would be 0. This issue also impacts the command line OpenSSL "ocsp" application. When verifying an ocsp response with the "-no_cert_checks" option the command line application will report that the verification is successful even though it has in fact failed. In this case the incorrect successful response will also be accompanied by error messages showing the failure and contradicting the apparently successful result. Fixed in OpenSSL 3.0.3 (Affected 3.0.0,3.0.1,3.0.2).
CVE-2022-1094 1 Anmari 1 Amr Users 2025-05-05 4.8 Medium
The amr users WordPress plugin before 4.59.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed
CVE-2022-0005 1 Intel 918 Celeron G5205u, Celeron G5205u Firmware, Celeron G5305u and 915 more 2025-05-05 2.4 Low
Sensitive information accessible by physical probing of JTAG interface for some Intel(R) Processors with SGX may allow an unprivileged user to potentially enable information disclosure via physical access.
CVE-2022-0004 1 Intel 796 Atom P5921b, Atom P5921b Firmware, Atom P5931b and 793 more 2025-05-05 6.8 Medium
Hardware debug modes and processor INIT setting that allow override of locks for some Intel(R) Processors in Intel(R) Boot Guard and Intel(R) TXT may allow an unauthenticated user to potentially enable escalation of privilege via physical access.